Red Hat Jboss Brms
By the Year
In 2023 there have been 0 vulnerabilities in Red Hat Jboss Brms . Jboss Brms did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 5.90 |
| 2020 | 0 | 0.00 |
| 2019 | 5 | 8.88 |
| 2018 | 1 | 6.50 |
It may take a day or so for new Jboss Brms vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Jboss Brms Security Vulnerabilities
A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles
CVE-2020-14340
5.9 - Medium
- June 02, 2021
A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final.
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6
CVE-2018-12022
7.5 - High
- March 21, 2019
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.
Marshaling, Unmarshaling
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6
CVE-2018-12023
7.5 - High
- March 21, 2019
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.
Marshaling, Unmarshaling
FasterXML jackson-databind 2.x before 2.9.8 might
CVE-2018-19360
9.8 - Critical
- January 02, 2019
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
Marshaling, Unmarshaling
FasterXML jackson-databind 2.x before 2.9.8 might
CVE-2018-19361
9.8 - Critical
- January 02, 2019
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
Marshaling, Unmarshaling
FasterXML jackson-databind 2.x before 2.9.8 might
CVE-2018-19362
9.8 - Critical
- January 02, 2019
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
Marshaling, Unmarshaling
Drools Workbench contains a path traversal vulnerability
CVE-2016-7041
6.5 - Medium
- September 10, 2018
Drools Workbench contains a path traversal vulnerability. The vulnerability allows a remote, authenticated attacker to bypass the directory restrictions and retrieve arbitrary files from the affected host.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Jboss Brms or by Red Hat? Click the Watch button to subscribe.
